REMARKS/ARGUMENTS 



Claims 1, 3-8, 10-15, and 17-22 are pending in the present application. By this response, claims 
2, 9, and 16 were cancelled, claims 1, 3-8, 10, 15, 17, 19, and 22 were amended, and claims 23-25 were 
added. Claims 1, 8, and 15 were amended to incorporate the recitations of claims 2, 9, and 16, 
respectively. As such, support for the amendment to claims 1, 8, 15, and 22 can be found in claims 2, 9, 
and 16 as previously presented. Support for the other amendments to the claims may be found in the 
Specification at least on page 11, lines 20-29, page 12, lines 18-31, page 13, lines 1-2, page 19, lines 1-7, 
page 20, lines 22-29, page 21, lines 1-7, and page 22, line 29-page 23, line 22. Reconsideration of the 
claims is respectfully requested. 

I. 35 U.S.C. § 102. Anticipation 

The Examiner has rejected claims 1-22 under 35 U.S.C. § 102(b) as being anticipated by Benson 
et al., Providing Secure Access for Multiple Processes Having Separate Directories, U.S. Patent No. 
5,867,646, dated February 2, 1999 (hereinafter referred to as "Benson"). This rejection is respectfully 
traversed. 

A prior art reference anticipates the claimed invention under 35 U.S.C. § 102(b) only if every 
element of a claimed invention is identically shown in that single reference, arranged as they are in the 
claims. In re Bond, 910 F.2d 831, 832, 15 U.S.P.Q.2d 1566, 1567 (Fed. Cir. 1990). All limitations of the 
claimed invention must be considered when determining patentability. In re Lowry, 32 F.3d 1579, 1582, 
32 U.S.P.Q.2d 1031, 1034 (Fed. Cir. 1994). Anticipation focuses on whether a claim reads on the product 
or process a prior art reference discloses, not on what the reference broadly teaches. Kalman v. Kimberly-Clark 
Corp., 713 F.2d 760, 218 U.S.P.Q. 781 (Fed. Cir. 1983). In this case, each and every feature of 
claim 1, as amended, is not identically shown in the cited reference, arranged as they are in claim 1. 
Claim 1, as amended to incorporate now-cancelled claim 2, recites the following: 

1. A computer implemented method in a data processing system for managing 
access to resources, the method comprising: 

responsive to matching an entry in an access control list of a specific resource 
with credentials of a process, granting a security identifier given by the access control list 
to the process, wherein the security identifier has no meaning outside of being used to 
make an access decision for the specific resource, wherein granting the security identifier 
further comprises: 

adding the security identifier to the credentials of the process to form an 
object access identifier, wherein the object access identifier is granted based on a path of 
execution; 

limiting a scope of the security identifier to an application space, wherein access 
rights associated with the security identifier are limited to a specific application, and 
wherein propagation of access rights is prevented by specifying the access rights are 
limited to the specific application; and 

responsive to granting the security identifier to the process, identifying the 
security identifier as an unavailable security identifier that is no longer available to be 
granted to other processes, wherein the security identifier is not reused; and 

responsive to the process requesting access to the specific resource, generating 
the access decision based on the security identifier. 

Benson does not anticipate claim 1 because Benson does not teach the adding, limiting, or 
identifying steps of amended claim 1. Claims 8, 15, and 22 recite similar subject matter. 

Benson fails to teach "adding the security identifier to the credentials of the process to form an 
object access identifier, wherein the object access identifier is granted based on a path of execution," 
previously recited by claim 2. The Examiner, however, believes otherwise and states: 
US '646 teaches: 

wherein granting a security identifier given by the access control list to 
the process further comprises: 

adding the security identifier to the credentials of the process to form an 
object access identifier, wherein the object access identifier is granted based on a 
path of execution, (see column 3, lines 48 - 50; Figure 2) 
Final Office Action dated May 1, 2007, p. 4. 

The Examiner believes Benson teaches the missing feature in the following passage: 

First, user 1 requests access to system 1 at step 20 by entering a system identifier 
2, SYSID1. The system checks system directory 3 to determine whether SYSID 
is a valid system identifier 2 on the system. 
Benson, col. 3, ll. 48-50. 

In contrast to the Examiner's assertions, this passage of Benson teaches only that a user is 
required to provide a system identifier, SYSID1, to access system 1. The validity of the system identifier 
is determined by comparing the system identifier with the list of valid system identifiers stored in 
directory 3. However, neither this cited portion of Benson nor any other portion of Benson actually 
teaches, "adding the security identifier to the credentials of the process to form an object access 
identifier, wherein the object access identifier is granted based on a path of execution," as recited by 
amended claim 1. Importantly, Benson teaches only that the system determines valid system identifiers 
by comparing the provided system identifier with a list of valid system identifiers that are already stored 
in the system directory. Thus, because Benson fails to teach that a security identifier is added to the 
credentials of the process, but rather only teaches a comparison to a directory of preexisting system 
identifiers, Benson does not teach this missing feature of amended claim 1. 

The Examiner also believes Benson teaches the feature, "adding the security identifier to the 
credentials of the process to form an object access identifier, wherein the object access identifier is 
granted based on a path of execution," in Figure 2. Figure 2 is as follows: 
Benson, Figure 2. 

Figure 2 is a block diagram of a computer system in which the teachings of Benson are 
implemented. User 1 is assigned a system identifier, SYSID1. Valid system identifiers are stored in 
system directory 3. To operate a process, such as operating system 1, user 1 is required to provide a valid 
system identifier and pass an explicit security test. Thereafter, user 1 is granted access to operating 
system 1. However, before user 1 is allowed access to a resource, such as resources 5a, 5b, and 5n, 
operating system 1 must first determine whether user 1 has the requisite permission to access the 
requested resource. To this end, Benson requires user 1 to provide a valid resource-specific identifier to 
operating system 1 which corresponds to the requested resource. Thus, to access resource 5a, user 1 is 
required to provide to operating system 1 resource-specific identifier 6a. Thereafter, operating system 1 
cross-references resource directory 7a, which contains a list of all valid resource-specific identifiers, with 
system directory 3, which contains a list of all valid system identifiers. If the appropriate cross-reference 
between system identifier and resource-specific identifier is found, then user 1 is able to access the 
requested resource. 

Importantly, Figure 2 and the corresponding text of Benson teach only that a cross-reference of a 
system directory and resource directory is performed to determine whether a user is permitted to use a 
selected resource. In particular, Benson discloses, "the operating system first determines whether the user 
(known to the system by a system identifier) is allowed to use the resource-specific identifier by 
comparing the linked directories." (Benson, col. 2, ll. 9-13). In other words, Benson teaches only a 
comparison of linked directories rather than adding the security identifier to the credentials of the process, 
as recited by amended claim 1. For this reason, Benson does not teach the missing feature, "adding the 
security identifier to the credentials of the process to form an object access identifier, wherein the object 
access identifier is granted based on a path of execution." 

Benson also fails to teach the feature "limiting a scope of the security identifier to an application 
space, wherein access rights associated with the security identifier are limited to a specific application, 
and wherein propagation of access rights is prevented by specifying the access rights are limited to the 
specific application and responsive to granting the security identifier to the process, identifying the 
security identifier as an unavailable security identifier that is no longer available to be granted to other 
processes, wherein the security identifier is not reused," as is recited in claim 1. Benson teaches a 
directory of pre-existing system identifiers that are assigned to users. See Benson abstract. Benson does 
not teach limiting the scope of the identifiers to an application space or to a specific application to prevent 
propagation of access rights or that a security identifier is no longer available to be granted to a process in 
response to granting the security identifier to the process, such that the security identifier is not reused. In 
fact, Benson does not even suggest or mention granting an identifier to only one process so that the 
identifier is not reused. Therefore, Benson fails to teach each and every feature of claim 1. 

Accordingly, Benson fails to anticipate claim 1. Further, because claims 3-7, 10-14, and 17-21 
depend from at least one of amended claims 1, 8, and 15, the same distinctions between Benson and the 
claimed invention in amended claim 1 apply for these claims. In addition, dependent claims 3-7, 10-14, 
and 16-21 recite additional combinations of features that are not taught or suggested by Benson. 

For example, claims 3, 10, and 17 recite "wherein the credentials of the process are modified 
based on the identity of the invoker and the path of execution by which the process is executed." As 
discussed above, Benson does not teach adding a security identifier to the credentials of a process. 
Moreover, Benson does not teach or even mention a path of execution or modifying the credentials of a 
process based on the identity of the process and the path of execution by which the process is executed. 
Therefore, Benson fails to teach the features of claims 3, 10, and 17. 

Newly added claim 23 claims "wherein the security identifier uniquely identifies the path of 
execution taken by the process and further comprising: 

granting a different security identifier to the process based on a different path of execution taken 
by the process, wherein each security identifier granted to the process represents a different path of 
execution taken by the process." Benson states: 

When a user obtains access to the operating system using a system identifier and 
attempts to access a resource by using a resource-specific identifier, the operating system 
first determines whether the user (known to the system by a system identifier) is allowed 

Page 11 of 13 
Basibes et al. - 10/672,261 



to use the resource-specific identifier by comparing the linked directories. If the 
appropriate cross-reference between system identifier and resource-specific identifier is 
found, the operating system then determines the permission level for the resource-specific 
identifier 
Benson, column 2, lines 7-16. 

As discussed above, Benson teaches comparing linked directories to determine if a user is 
allowed to use the resource specific identifier. Benson does not teach granting different security 
identifiers based on a path of execution taken by the process in this or any other section of the reference. 
In fact, as mentioned above, Benson does not even mention a path of execution taken by a process. 
Therefore, Benson fails to teach the features of claim 23. 

Consequently, it is respectfully urged that the rejection of claims 1, 3-8, 10-15, and 17-22 have 
also been overcome. Therefore, the rejection of claims 1 and 3-22 under 35 U.S.C. § 102(b) has been 



Furthermore, Benson does not teach, suggest, or give any incentive to make the needed changes 
to reach the presently claimed invention. Absent the examiner pointing out some teaching or incentive to 
implement Benson and the feature "wherein granting the security identifier comprises adding the security 
identifier to the credentials of the process to form an object access identifier, wherein the object access 
identifier is granted based on a path of execution," one of ordinary skill in the art would not be led to 
modify Benson to reach the present invention when the reference is examined as a whole. Absent some 
teaching, suggestion, or incentive to modify Benson in this manner, the presently claimed invention can 
be reached only through an improper use of hindsight using the applicants' disclosure as a template to 
make the necessary changes to reach the claimed invention. 

In response to the facts established above, the Examiner states: 

Applicant argues that Benson does not teach "adding the security 
identifier to the credentials of the process to form an object access identifier, 
wherein the object access identifier is granted based on a path of execution." 
Benson et al. discloses that an association is made between a system identifier 
and resource-specific identifier if a security test is passed (see column 3, lines 59 
- 60). As such the Examiner believes the resources-specific identifier to be 
equivalent to an object access identifier since the user's security component and 
credentials have already been processed, therefore Benson et al. is relevant to 
Applicant's claimed invention. 
Final Office Action dated May 1, 2007, pages 2-3. 

Although Applicants do not dispute the Examiner's assertion that Benson teaches an association 
between the system identifier and resource-specific identifier, Applicants disagree with the Examiner that 
this association renders the resource-specific identifier equivalent to the object access identifier. In 
contrast, the resource-specific identifier is not equivalent to the object access identifier because the 
resource-specific identifier is simply an identifier stored in a resource directory that is cross-referenced to 
a system identifier stored in a system directory. On the other hand, amended claim 1 recites, "adding the 
security identifier to the credentials of the process to form an object access identifier." Simply stated, 
because the resource-specific identifier of Benson is not added to the credentials of a process, but instead 
simply stored in a resource directory for cross-reference, the resource-specific identifier of Benson is not 
equivalent to the object access identifier. Consequently, Benson does not teach the missing feature, 
"wherein granting the security identifier comprises adding the security identifier to the credentials of the 
process to form an object access identifier, wherein the object access identifier is granted based on a path 
of execution," recited in amended claims 1, 8, 15, and 22. Accordingly, Benson does not anticipate 
independent claims 1, 8, 15, and 22, and claims 3-7, 10-14, and 16-21, which depend from at least one of 
claims 1, 8, and 15. 

II. Conclusion 

It is respectfully urged that the subject application is patentable over Benson and is now in 
condition for allowance. The Examiner is invited to call the undersigned at the below-listed telephone 
number if in the opinion of the examiner such a telephone conference would expedite or aid the 
prosecution and examination of this application. 

DATE: July 31, 2007 

Respectfully submitted, 

/Mari Stewart/ 

Mari Stewart 
Reg. No. 50,359 
Yee & Associates, P.C. 
P.O. Box 802333 
Dallas, TX 75380 
(972) 385-8777 
Attorney for Applicants 